General
- Target: 45a5522eb2e0f0cc63a44ecf7a1973b295fddd883b10cb340f4ec5d654b1577d
- Size: 4.0MB
- Sample: 221130-xrqd6aff55
- MD5: 7dd5c3896b49697829a6dfec42745690
- SHA1: 7dbc81a87d3888ca260068096c690f38fb2fcb93
- SHA256: 45a5522eb2e0f0cc63a44ecf7a1973b295fddd883b10cb340f4ec5d654b1577d
- SHA512: 85326048423612f9448ad2b2763ea2915473509f4126940e4a3a62db5a5682a875be85e9a2f26d343d3713bf10c33a0e60307ca5b11920d59748433892123ceb
- SSDEEP: 98304:j79B4abaTapF5OZmo0qwrcp8jRx05icqg7XY:j792abaeH2gqwjVxaYQI
Static task
static1
Malware Config
Targets
- Target: 45a5522eb2e0f0cc63a44ecf7a1973b295fddd883b10cb340f4ec5d654b1577d
- Suspicious use of NtCreateUserProcessOtherParentProcess
- Executes dropped EXE
- Modifies Windows Firewall
- Loads dropped DLL
- Adds Run key to start application
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.